CC-tea/coreutils
1
0
Fork 0
mirror of git://git.sv.gnu.org/coreutils.git synced 2026-02-12 10:22:38 +02:00
Code Issues Projects Releases Wiki Activity

Keep SELinux-related ChangLog entries here.

Browse Source
This commit is contained in:
Jim Meyering
2007-01-13 12:12:03 +01:00
parent 2912097e82
commit 2aab34d486
1 changed files with 92 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

92
ChangeLog-selinux Normal file
View File

@@ -0,0 +1,92 @@
2007-01-06 Jim Meyering <jim@meyering.net>
stat: Add support for SELinux in the form of a %C format directive.
* src/stat.c (follow_links): Make this variable file-global.
(out_file_context): New function.
(print_statfs): Honor %C.
(print_stat): Honor %C.
(do_stat): Remove follow_links parameter.
(usage): Document the two %C directives.
(main): Accept -Z (though it's a no-op).
* src/Makefile.am (stat_LDADD): Define.
ls: Add support for SELinux and a slightly modified -Z option.
I started with the patches from Red Hat.
The entries below tell how the code evolved.
* src/ls.c (print_long_format, print_file_name_and_frills): When
there is no security context (due to getfilecon/lgetfilecon failing
with e.g. ENOTSUP), print it as "?", not "".
* src/ls.c (print_file_name_and_frills): Make -Z work without -l.
(length_of_file_name_and_frills): Likewise.
* src/ls.c: Remove the --lcontext and --scontext options.
Change the way -Z, --context work so that it no longer implies -l.
Thus, -Z -l will work like -lcontext and -Z without -l will work
like --scontext.
Adjust tests to reflect new 'ls -l' syntax -- affects only
systems with SELinux when operating on a file with no ACL.
These tests assumed that everything before the first space on
each line is the 10-byte mode string. But there may also be a "+"
in the 11th column, just before the space. However, note that this
is not new. The same thing would have happened even without the
change below, when listing a file with an ACL.
* tests/chmod/equals, tests/cp/cp-parents, tests/cp/fail-perm:
* tests/cp/link-preserve, tests/install/basic-1, tests/misc/mknod:
* tests/mkdir/parents, tests/mkdir/special-1, tests/mv/partition-perm:
Don't make compilation depend on USE_ACL. An SELinux security
context counts as an "alternate access control method", so ls
must output a "+" for each file with a security context.
* src/ls.c [struct fileinfo] (have_acl): Declare unconditionally.
(FILE_HAS_ACL): Remove macro definition. Use f->have_acl directly.
(gobble_file): Record whether a file has a security context, and
update the condition used to determine whether to print the "+".
(gobble_file): Call getfilecon/lgetfilecon also when
format == long_format, so that we get the "+".
* src/ls.c (gobble_file): Add a comment explaining why (with a
security context option) ls doesn't exit nonzero due to e.g.,
getfilecon failing with errno == ENOTSUP.
* src/ls.c (gobble_file): Ignore failure of getfilecon if it's due
to ENOTSUP.
* src/ls.c (gobble_file): Factor out three small blocks using
getfilecon and lgetfilecon.
Don't ignore return value from getfilecon and lgetfilecon.
* src/ls.c (print_long_format): Don't use ?: (empty 2nd arg with C
ternary operator).
(print_scontext_format): Likewise.
(print_scontext): Declare to be "bool", not int. Adjust uses.
* src/Makefile.am (dir_LDADD, ls_LDADD, vdir_LDADD): Add $(LIB_SELINUX).
* tests/misc/chcon: New file.
* tests/misc/chcon-fail: New file.
* tests/Makefile.am (check-root): Run new, root-only misc/chcon test.
* tests/misc/Makefile.am (TESTS): Add chcon and chcon-fail.
* tests/misc/Makefile.am (TESTS): Add selinux.
* tests/misc/selinux: New file.
* tests/help-version: Skip chcon.
* man/chcon.x: New file.
* man/Makefile.am: Build chcon.1.
New program: chcon
* gl/modules/selinux-at: New module. Check for libselinux and set
LIB_SELINUX here, unconditionally, rather than depending on
the configure-time --enable-selinux option.
* gl/modules/selinux-h: New module.
* bootstrap.conf (gnulib_modules): Add selinux-at.
* gl/lib/selinux-at.c, gl/lib/selinux-at.h: New files.
* gl/lib/se-selinux_.h: New file.
* gl/lib/se-context_.h: New file.
* gl/m4/selinux-selinux-h.m4: New file.
* gl/m4/selinux-context-h.m4: New file.
* src/Makefile.am (bin_PROGRAMS): Add chcon.
(chcon_LDADD): Define.
* README: Add chcon to the list of programs.
* src/chcon.c: Rewrite the original (Red Hat) chcon to use fts.